Rate this:

“DojoCon 2010 – Where Security Masters Lead” is a conference created by Marcus J. Carey, and was an off-shoot of a popular monthly meeting he called Dojosec, held in Maryland. While at the meeting in January, Marcus requested I speak. Based on the popularity of the monthly meeting, I figured it would be fun.

During this speech, I presented some new research which mapped operating systems supporting IPv6, which also had tunnels available when native IPv6 was not available on the local network. I also introduced my tool, DADra, a never published tool I was using to attack other IPv6 enabled devices on the same segment.

The only disquieting moment I had during the conference was when Ron Gula from Tenable, one of the sponsors of the event asked me why this was even important and claimed he did not think IPv6 would happen nor that Tennable Nessus would ever support IPv6. Oh well, time will tell.

After four months of waiting, I finally was inserted into a spot at the Baltimore ISSA. The meeting was standing room only in a reasonably large training room, in Columbia Maryland. I updated and added the following items to my slides:

Discussed IPv6 is a Business Continuity issue and organizations must move to avoid this problem. This included BGP fragmentation and the problem of not having large enough routers to manage these tables.

Cloud Computing and IPv6

Add both capable and enabled to the chart of operating systems. This process tool several weeks to confirm.

Updated information about IPv6 security events

Did a bunch of research on malware that have been leveraging IPv6 and IPv6 tunnels

Another update to my vulnerability slides

Added information about product testing

Discussed the problem with Netwitness 8, not properly representing an IPv6 address

Google Earth is missing a place to insert IPv6 addresses

Update compliance issues

Discussed new defenses of IPv6 only networks

All in all it was a good group, received very few cards for the size of the group. Strange.